summaryrefslogtreecommitdiff
path: root/contrib/earthdistance
Commit message (Collapse)AuthorAgeFilesLines
* Make contrib modules' installation scripts more secure.Tom Lane2020-08-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escalation. While such hazards have existed all along, their urgency increases with the v13 "trusted extensions" feature, because that lets a non-superuser control the installation path for a superuser-privileged script. Therefore, make a number of changes to make such situations more secure: * Tweak the construction of the installation-time search_path to ensure that references to objects in pg_catalog can't be subverted; and explicitly add pg_temp to the end of the path to prevent attacks using temporary objects. * Disable check_function_bodies within installation/upgrade scripts, so that any security gaps in SQL-language or PL-language function bodies cannot create a risk of unwanted installation-time code execution. * Adjust lookup of type input/receive functions and join estimator functions to complain if there are multiple candidate functions. This prevents capture of references to functions whose signature is not the first one checked; and it's arguably more user-friendly anyway. * Modify various contrib upgrade scripts to ensure that catalog modification queries are executed with secure search paths. (These are in-place modifications with no extension version changes, since it is the update process itself that is at issue, not the end result.) Extensions that depend on other extensions cannot be made fully secure by these methods alone; therefore, revert the "trusted" marking that commit eb67623c9 applied to earthdistance and hstore_plperl, pending some better solution to that set of issues. Also add documentation around these issues, to help extension authors write secure installation scripts. Patch by me, following an observation by Andres Freund; thanks to Noah Misch for review. Security: CVE-2020-14350
* Fix earthdistance test suite function name typo.Noah Misch2018-07-292-24/+28
| | | | | | Affected test queries have been testing the wrong thing since their introduction in commit 4c1383efd132e4f532213c8a8cc63a455f55e344. Back-patch to 9.3 (all supported versions).
* Improve English wording of some other getObjectDescription() messages.Tom Lane2018-05-241-4/+4
| | | | | | | | | | | | | | | Print columns as "column C of <relation>" rather than "<relation> column C". This seems to read noticeably better in English, as evidenced by the regression test output changes, and the code change also makes it possible for translators to adjust the phrase order in other languages. Also change the output for OCLASS_DEFAULT from "default for %s" to "default value for %s". This seems to read better and is also more consistent with the output of, for instance, getObjectTypeDescription(). Kyotaro Horiguchi, per a complaint from me Discussion: https://postgr.es/m/20180522.182020.114074746.horiguchi.kyotaro@lab.ntt.co.jp
* Phase 3 of pgindent updates.Tom Lane2017-06-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Don't move parenthesized lines to the left, even if that means they flow past the right margin. By default, BSD indent lines up statement continuation lines that are within parentheses so that they start just to the right of the preceding left parenthesis. However, traditionally, if that resulted in the continuation line extending to the right of the desired right margin, then indent would push it left just far enough to not overrun the margin, if it could do so without making the continuation line start to the left of the current statement indent. That makes for a weird mix of indentations unless one has been completely rigid about never violating the 80-column limit. This behavior has been pretty universally panned by Postgres developers. Hence, disable it with indent's new -lpl switch, so that parenthesized lines are always lined up with the preceding left paren. This patch is much less interesting than the first round of indent changes, but also bulkier, so I thought it best to separate the effects. Discussion: https://postgr.es/m/E1dAmxK-0006EE-1r@gemulon.postgresql.org Discussion: https://postgr.es/m/30527.1495162840@sss.pgh.pa.us
* Remove support for version-0 calling conventions.Andres Freund2017-03-301-22/+0
| | | | | | | | | | | | | | | The V0 convention is failure prone because we've so far assumed that a function is V0 if PG_FUNCTION_INFO_V1 is missing, leading to crashes if a function was coded against the V1 interface. V0 doesn't allow proper NULL, SRF and toast handling. V0 doesn't offer features that V1 doesn't. Thus remove V0 support and obsolete fmgr README contents relating to it. Author: Andres Freund, with contributions by Peter Eisentraut & Craig Ringer Reviewed-By: Peter Eisentraut, Craig Ringer Discussion: https://postgr.es/m/20161208213441.k3mbno4twhg2qf7g@alap3.anarazel.de
* Fix typos in comments.Heikki Linnakangas2017-02-061-1/+1
| | | | | | | | | Backpatch to all supported versions, where applicable, to make backpatching of future fixes go more smoothly. Josh Soref Discussion: https://www.postgresql.org/message-id/CACZqfqCf+5qRztLPgmmosr-B0Ye4srWzzw_mo4c_8_B_mtjmJQ@mail.gmail.com
* psql: Split up "Modifiers" column in \d and \dDPeter Eisentraut2016-11-031-4/+4
| | | | | | Make separate columns "Collation", "Nullable", "Default". Reviewed-by: Kuntal Ghosh <kuntalghosh.2007@gmail.com>
* Message style improvementsPeter Eisentraut2016-07-251-1/+1
|
* Update earthdistance extension for parallel query.Robert Haas2016-06-074-5/+27
| | | | | | All functions provided by this extension are PARALLEL SAFE. Andreas Karlsson
* Add missed CREATE EXTENSION ... CASCADE regression test adjustment.Andres Freund2015-10-031-0/+1
|
* Improve speed of make check-worldPeter Eisentraut2015-04-231-1/+1
| | | | | | | | | | | | | | | Before, make check-world would create a new temporary installation for each test suite, which is slow and wasteful. Instead, we now create one test installation that is used by all test suites that are part of a make run. The management of the temporary installation is removed from pg_regress and handled in the makefiles. This allows for better control, and unifies the code with that of test suites not run through pg_regress. review and msvc support by Michael Paquier <michael.paquier@gmail.com> more review by Fabien Coelho <coelho@cri.ensmp.fr>
* Fix typos in some error messages thrown by extension scripts when fed to psql.Andres Freund2014-08-251-1/+1
| | | | | | | | | | Some of the many error messages introduced in 458857cc missed 'FROM unpackaged'. Also e016b724 and 45ffeb7e forgot to quote extension version numbers. Backpatch to 9.1, just like 458857cc which introduced the messages. Do so because the error messages thrown when the wrong command is copy & pasted aren't easy to understand.
* Add file version information to most installed Windows binaries.Noah Misch2014-07-141-0/+1
| | | | | | | | Prominent binaries already had this metadata. A handful of minor binaries, such as pg_regress.exe, still lack it; efforts to eliminate such exceptions are welcome. Michael Paquier, reviewed by MauMau.
* Adjust blank lines around PG_MODULE_MAGIC defines, for consistencyBruce Momjian2014-07-101-1/+0
| | | | Report by Robert Haas
* pgindent run for 9.4Bruce Momjian2014-05-061-1/+1
| | | | | This includes removing tabs after periods in C comments, which was applied to back branches, so this change should not effect backpatching.
* Create function prototype as part of PG_FUNCTION_INFO_V1 macroPeter Eisentraut2014-04-181-2/+0
| | | | | | | | | | | | | | | | | Because of gcc -Wmissing-prototypes, all functions in dynamically loadable modules must have a separate prototype declaration. This is meant to detect global functions that are not declared in header files, but in cases where the function is called via dfmgr, this is redundant. Besides filling up space with boilerplate, this is a frequent source of compiler warnings in extension modules. We can fix that by creating the function prototype as part of the PG_FUNCTION_INFO_V1 macro, which such modules have to use anyway. That makes the code of modules cleaner, because there is one less place where the entry points have to be listed, and creates an additional check that functions have the right prototype. Remove now redundant prototypes from contrib and other modules.
* Throw a useful error message if an extension script file is fed to psql.Tom Lane2011-10-122-0/+6
| | | | | | | | | | | | | | | | We have seen one too many reports of people trying to use 9.1 extension files in the old-fashioned way of sourcing them in psql. Not only does that usually not work (due to failure to substitute for MODULE_PATHNAME and/or @extschema@), but if it did work they'd get a collection of loose objects not an extension. To prevent this, insert an \echo ... \quit line that prints a suitable error message into each extension script file, and teach commands/extension.c to ignore lines starting with \echo. That should not only prevent any adverse consequences of loading a script file the wrong way, but make it crystal clear to users that they need to do it differently now. Tom Lane, following an idea of Andrew Dunstan's. Back-patch into 9.1 ... there is not going to be much value in this if we wait till 9.2.
* Avoid locale dependency in expected output.Tom Lane2011-08-242-190/+0
| | | | | | We'll have to settle for just listing the extensions' data types, since function arguments seem to sort differently in different locales. Per buildfarm results.
* Fix multiple bugs in extension dropping.Tom Lane2011-08-242-2/+404
| | | | | | | | | | | | | | | | | | | | | | | | | When we implemented extensions, we made findDependentObjects() treat EXTENSION dependency links similarly to INTERNAL links. However, that logic contained an implicit assumption that an object could have at most one INTERNAL dependency, so it did not work correctly for objects having both INTERNAL and DEPENDENCY links. This led to failure to drop some extension member objects when dropping the extension. Furthermore, we'd never actually exercised the case of recursing to an internally-referenced (owning) object from anything other than a NORMAL dependency, and it turns out that passing the incoming dependency's flags to the owning object is the Wrong Thing. This led to sometimes dropping a whole extension silently when we should have rejected the drop command for lack of CASCADE. Since we obviously were under-testing extension drop scenarios, add some regression test cases. Unfortunately, such test cases require some extensions (duh), so we can't test for problems in the core regression tests. I chose to add them to the earthdistance contrib module, which is a good test case because it has a dependency on the cube contrib module. Back-patch to 9.1. Arguably these are pre-existing bugs in INTERNAL dependency handling, but since it appears that the cases can never arise pre-9.1, I'll refrain from back-patching the logic changes further than that.
* Support "make check" in contribPeter Eisentraut2011-04-252-0/+3
| | | | | | | | | | | | | | Added a new option --extra-install to pg_regress to arrange installing the respective contrib directory into the temporary installation. This is currently not yet supported for Windows MSVC builds. Updated the .gitignore files for contrib modules to ignore the leftovers of a temp-install check run. Changed the exit status of "make check" in a pgxs build (which still does nothing) to 0 from 1. Added "make check" in contrib to top-level "make check-world".
* Avoid use of CREATE OR REPLACE FUNCTION in extension installation files.Tom Lane2011-02-131-10/+10
| | | | | | | | | | | It was never terribly consistent to use OR REPLACE (because of the lack of comparable functionality for data types, operators, etc), and experimentation shows that it's now positively pernicious in the extension world. We really want a failure to occur if there are any conflicts, else it's unclear what the extension-ownership state of the conflicted object ought to be. Most of the time, CREATE EXTENSION will fail anyway because of conflicts on other object types, but an extension defining only functions can succeed, with bad results.
* Convert contrib modules to use the extension facility.Tom Lane2011-02-138-52/+28
| | | | | | | | | | | This isn't fully tested as yet, in particular I'm not sure that the "foo--unpackaged--1.0.sql" scripts are OK. But it's time to get some buildfarm cycles on it. sepgsql is not converted to an extension, mainly because it seems to require a very nonstandard installation process. Dimitri Fontaine and Tom Lane
* Remove useless whitespace at end of linesPeter Eisentraut2010-11-231-2/+2
|
* Some more gitignore cleanups: cover contrib and PL regression test outputs.Tom Lane2010-09-221-0/+2
| | | | | Also do some further work in the back branches, where quite a bit wasn't covered by Magnus' original back-patch.
* Convert cvsignore to gitignore, and add .gitignore for build targets.Magnus Hagander2010-09-221-0/+1
|
* Remove cvs keywords from all files.Magnus Hagander2010-09-204-4/+4
|
* Fix a few single-file (MODULES, not MODULE_big) contrib makefiles that wereTom Lane2010-07-051-2/+2
| | | | | | | | supposing that they should set SHLIB_LINK rather than LDFLAGS_SL. Since these don't go through Makefile.shlib that was a no-op on most platforms. Also regularize the few platform-specific Makefiles that did pay attention to SHLIB_LINK: it seems that the real value of that is to pull in BE_DLLLIBS, so do that instead. Per buildfarm failures on cygwin.
* 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef listBruce Momjian2009-06-111-5/+5
| | | | provided by Andrew.
* Make earthdistance use version-0 calling convention if not USE_FLOAT8_BYVAL,Tom Lane2008-04-211-14/+56
| | | | | | | | | | and version-1 if USE_FLOAT8_BYVAL. This might seem a bit pointless, but the idea is to have at least one regression test that will fail if we ever accidentally break version-0 functions that return float8. However, they're already broken, or at least hopelessly unportable, in the USE_FLOAT8_BYVAL case. Per a recent suggestion from Greg Stark.
* Convert earthdistance's only C function to v1 call convention,Tom Lane2008-04-201-12/+15
| | | | to future-proof it against pass-by-value float8.
* Add CVS version labels to all install/uninstall scripts.Bruce Momjian2007-11-132-0/+4
|
* Make /contrib install/uninstall script consistent:Bruce Momjian2007-11-111-0/+1
| | | | | | | | | | | | remove transactions use create or replace function make formatting consistent set search patch on first line Add documentation on modifying *.sql to set the search patch, and mention that major upgrades should still run the installation scripts. Some of these issues were spotted by Tom today.
* Remove references to READMEs from /contrib Makefiles.Bruce Momjian2007-11-101-2/+1
|
* Move most /contrib README files into SGML. Some still need conversionBruce Momjian2007-11-101-127/+0
| | | | or will never be converted.
* Fix PGXS conventions so that extensions can be built against PostgresTom Lane2007-06-261-2/+3
| | | | | | installations whose pg_config program does not appear first in the PATH. Per gripe from Eddie Stanley and subsequent discussions with Fabien Coelho and others.
* Fix two more regression tests whose expected outputs were not updatedNeil Conway2007-02-011-4/+4
| | | | for the recent may/might cleanup.
* Handle missing M_PI the same way we've been doing in the core code,Tom Lane2006-10-191-4/+5
| | | | instead of inserting an MSVC dependency.
* Further MSVC portability fixes from Magnus.Tom Lane2006-10-191-1/+4
|
* Rename contrib contains/contained-by operators to @> and <@, per discussion.Tom Lane2006-09-103-33/+33
|
* fix most regression tests for new cube code.Andrew Dunstan2006-07-272-3/+4
|
* Magic blocks don't do us any good unless we use 'em ... so install oneTom Lane2006-05-301-1/+3
| | | | in every shared library.
* Improve parser so that we can show an error cursor position for errorsTom Lane2006-03-141-4/+12
| | | | | | | | | | | during parse analysis, not only errors detected in the flex/bison stages. This is per my earlier proposal. This commit includes all the basic infrastructure, but locations are only tracked and reported for errors involving column references, function calls, and operators. More could be done later but this seems like a good set to start with. I've also moved the ReportSyntaxErrorPosition logic out of psql and into libpq, which should make it available to more people --- even within psql this is an improvement because warnings weren't handled by ReportSyntaxErrorPosition.
* Add CVS tag lines to files that were lacking them.Bruce Momjian2006-03-111-0/+2
|
* Update /contrib regression tests for escape_string_warning.Bruce Momjian2006-03-081-1/+1
|
* Clean up CREATE FUNCTION syntax usage in contrib and elsewhere, inPeter Eisentraut2006-02-271-10/+10
| | | | | particular get rid of single quotes around language names and old WITH () construct.
* contrib uninstall scriptsPeter Eisentraut2006-02-272-1/+25
| | | | by David Fetter
* Standard pgindent run for 8.1.Bruce Momjian2005-10-151-1/+1
|
* PGXS should be set with := not =, as specified in the documentation,Tom Lane2005-09-271-2/+2
| | | | to avoid useless multiple executions of pg_config.
* Partial fixes for contrib build on AIX: include -lm where needed.Tom Lane2005-07-241-1/+3
| | | | Per Rocco Altier.
* Refer to ll_to_earth() function by its actual name.Tom Lane2004-10-041-2/+3
|
View Lorry Controller Status